OS: Windows 8.1
Hello, recently I encountered an issue with my PC. Specifically, various TCPip connections are being made to various domains (Akamai, Amazonaws, and others) while I am not in my internet browser. Even more concerning is that my explorer.exe is establishing a connection through port 443 (HTTPS) to a Windows.com domain (according to CurrPorts app). I'm not sure if that's the norm, or not, but, I don't see why my explorer.exe of all things needs to have an active connection to the web. Equally concerning, while viewing Resource Monitor, "System" and "LMS.exe", often have an active network connection. (Note: I've managed to prevent "LMS.exe" from making connections through firewall restrictions)
While looking at IPConfig (from CMD.exe) I'm noticing that my IPv6 connection is using a temporary IPv6 address. Not being greatly familiar with advanced network settings, this threw a red flag up for me (among other things), as I hadn't configured my network to run in such a manner. In regards to this IPv6 setting, while viewing my Resource Monitor, I'm noticing a LOT of IPv6 & IPv4 Loopbacks. Again... Being unfamiliar with advanced networking, I'm not sure if this is the norm.
After some preliminary checks I'm coming up empty (Avira, EEK, Kaspersky, FRST registry check appears OK). However, I'm almost certain I have some sort of Trojan/Malware that has potentially corrupted files, as I have a lot of unsolicited network activity (although typically unnoticeable without a Resource Monitor/ CurrPorts).
Once I finally stopped freaking out over my practically brand new computer being potentially infected, I checked out my firewall settings and locked down any and all Rules that did not appear to be critical, as well as some that seemed "official". In doing so, I've limited a lot of the attempted connections while retaining access to the Internet.
So.....! I've posted this here to get some user-feedback regarding the matter until a BC pro can address my initial post. Any and all help/feedback is greatly appreciated!
Edited by 2nuhh, 15 February 2015 - 07:17 PM.